On Wed, 23 Nov 2016, John Mattsson wrote:
One question: currently SHA-1 signatures are not only allowed by RFC7296,
but even "SHOULD use as default". 4307bis does not change this. Shouldn’t
something be done about this? Right now (and even with 4307bis):
From Section 4 of the bis document:
RSASSA-PKCS1-v1.5 with SHA-1 is MUST support and everything else
(PSS+SHA-2, ECDSA+SHA